Proton has released a new two-factor authentication app called Proton Authenticator, further expanding its lineup of privacy-focused tools.
The app generates time-based one-time passwords (TOTPs) that refresh every 30 seconds, offering an added layer of account security that goes beyond traditional passwords. It’s available for free on iOS, Android, Windows, macOS, and Linux. Like the rest of Proton’s offerings, it’s open-source, ad-free, and built with end-to-end encryption to keep user data private.
Proton Authenticator doesn’t require a Proton account to use, and it works entirely offline. Users can sync their 2FA tokens across devices and easily import or export login codes—something most other authenticators don’t allow. The app automatically backs up codes in encrypted form, and it supports biometric or PIN-based app locking for extra protection. This is especially useful when switching devices or recovering access, without sacrificing control over your information.
Proton’s goal is to offer an alternative to proprietary options like Google Authenticator and Microsoft Authenticator, which often lack encrypted backups and restrict users through closed ecosystems. Proton Authenticator, on the other hand, avoids vendor lock-in and is designed to be transparent. According to the company, the source code will be published on GitHub shortly after launch. This is in line with Proton’s open development philosophy.
Eamonn Maguire, Proton’s Head of Account Security, emphasized that strong 2FA should be for everyone, not just those deeply concerned with privacy. He pointed out that Proton Authenticator is meant to be simple, secure, and independent of Big Tech. Account takeover attacks continue to rise, costing billions each year, and Proton believes that accessible tools like this one are essential in pushing back against threats like phishing, SIM-swapping, and data harvesting.
Download Proton Authenticator for free here.
The release follows Proton’s recent launch of Lumo, a privacy-first AI chatbot that doesn’t retain user conversations or use them for model training. With the addition of Proton Authenticator, the company now covers more of the digital privacy stack. It includes email, VPN, storage, passwords, and now 2FA, all without forcing users into surveillance-based ecosystems.
